1

I need to protect my Rails app's REST API with the OAuth 2 protocol. I have tried the Doorkeeper gem, but it uses the same server for authentication, and I don't think that's good for scaling. How can I configure my Rails app to use an external OAuth server?

4

2 Answers

0

There are many ways you can go about this. You can create a new server to handle only Authentication and User Management.

This can even be achieved with the Doorkeeper gem, because all you'd need to do is expose the API calls that Doorkeeper provides for you to authenticate and return the token for other authorizations. From your app server, you would then need to make sure you check with your OAuth server that the tokens the clients are passing in are valid.

Take a look at this explanation: https://doorkeeper-provider.herokuapp.com/

Answered 2013-04-11T13:16:58.043
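The check described in the answer above (the app server asking the OAuth server whether a presented token is valid), as an added example that is not part of the original answers or of Doorkeeper: a Rack middleware for the resource server. It assumes the auth server exposes an RFC 7662-style introspection endpoint; the URL, client credentials, `BearerTokenGuard`, `remote_introspect` and the sample tokens are hypothetical.

```ruby
require "net/http"
require "json"
require "uri"

# Asks the external auth server about a token (RFC 7662-style introspection).
# URL and client credentials are placeholders, not values from the post.
def remote_introspect(token, url: "https://auth.example.com/oauth/introspect",
                      client_id: "resource-server", client_secret: ENV["INTROSPECT_SECRET"])
  uri = URI(url)
  req = Net::HTTP::Post.new(uri)
  req.basic_auth(client_id, client_secret)
  req.set_form_data("token" => token)
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: true, open_timeout: 2, read_timeout: 2) { |h| h.request(req) }
  res.is_a?(Net::HTTPSuccess) ? JSON.parse(res.body) : nil
rescue StandardError
  nil # fail closed: unreachable auth server or bad JSON means no access
end

# Rack middleware for the resource server; `introspect` is injectable for tests.
class BearerTokenGuard
  def initialize(app, required_scope:, introspect: method(:remote_introspect), now: -> { Time.now.to_i })
    @app, @required_scope, @introspect, @now = app, required_scope, introspect, now
  end

  def call(env)
    token = env["HTTP_AUTHORIZATION"].to_s[/\ABearer ([A-Za-z0-9\-._~+\/]+=*)\z/, 1]
    return deny(401) unless token                       # missing or malformed header
    info = @introspect.call(token)
    return deny(401, "invalid_token") unless active?(info)
    return deny(403, "insufficient_scope") unless info["scope"].to_s.split.include?(@required_scope)
    env["oauth.subject"] = info["sub"]                  # identity for downstream handlers
    @app.call(env)
  end

  private

  def active?(info)
    info.is_a?(Hash) && info["active"] == true && (info["exp"].nil? || info["exp"].to_i > @now.call)
  end

  def deny(status, error = nil)
    challenge = error ? %(Bearer error="#{error}") : "Bearer"
    [status, { "www-authenticate" => challenge }, []]
  end
end

# Constructed introspection responses, used in place of a live auth server.
SAMPLE_TOKENS = { "good" => { "active" => true, "scope" => "read write", "sub" => "42", "exp" => 2000 },
                  "expired" => { "active" => true, "scope" => "read write", "exp" => 500 },
                  "readonly" => { "active" => true, "scope" => "read", "exp" => 2000 } }.freeze
```

In a Rails app the middleware would be mounted in front of the API routes, and a short-lived cache around the introspection call would keep the auth server off the hot path at the cost of delayed revocation.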
0

Yeah, I found an answer. Leo, thanks for your comments!

http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/

Resource Server: https://github.com/joshsoftware/sso-devise-omniauth-client

Auth Server: https://github.com/joshsoftware/sso-devise-omniauth-provider

Doorkeeper can be used on the Auth Server.

Answered 2013-04-15T14:38:48.927